Sophos Cloud Optix
Microsoft has just announced they will be releasing an out-of-band fix for the “Operation Aurora” Internet Explorer zero-day exploit.
This is great news for Internet Explorer users and should serve as enough warning to IT administrators to prepare to roll out this fix. In their blog, Microsoft acknowledged the confusion amongst many users about how to protect themselves from the exploit and the escalation in research related to making it even more potent.
It’s important to point out here the phrase from Hitchhiker’s Guide to the Galaxy: “Don’t Panic”. The in-the-wild exploits seen thus far have been targeted specifically to Internet Explorer 6 and Windows XP.
There has been much chatter in the research community today about further weaponizing this exploit to get around the protection that DEP provides and even attack IE 7 and Windows Vista.
At this point though, this is not circulating in the wild, and hopefully Microsoft will be able to deliver us a permanent fix shortly.
I must commend the security team at Microsoft for doing an excellent job of responding quickly, openly, and with absolute professionalism. While most of the community has been building the panic, Microsoft has continually provided detailed, accurate information that balances the risk with practical advice.
Dr. James Lyne, from our CTO’s office, and I sat down last Friday to discuss on a podcast what these attacks should mean to businesses that were not hit with this attack yet, and provide some insight into how to protect your organization moving forward. Give it a listen and let us know what you think.
19 January 2010 – Duration 11:55 minutes
Creative Commons image courtesy of Jim Linwood’s Flickr photostream.